Definition

password hardening

Password hardening is any one of a variety of measures taken to make it more difficult for an intruder to circumvent the authentication process. Password hardening may take the form of multifactor authentication, by adding some component to the username/password combination, or may be policy-based.

Here are a few variations on password hardening:

  • Biopasswords utilizes Flash plug-ins to measure keystroke dynamics, such as a user's typing speed and how long the keys are held down. This procedure generates a distinctive biometric value that is very difficult to counterfeit.
  • A company called Bharosa (since acquired by Oracle) developed a method of password hardening that presents the user with a new image of a scrambled keyboard for each login. The user clicks password characters with the mouse. This method protects users against malicious keyloggers.
  • Policy-based password hardening typically involves practices such as enforcing strong passwords and requiring users to change their passwords frequently.

Password hardening is often said to be one of the most neglected -- and most important -- components of securing the enterprise.

This was last updated in June 2008
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: